Edenian

Member
  • Items: 9

All content posted by Edenian

  1. Yes, wonderful! Finally! Everything works again. I always test it by starting a game, because after the loading screens it always restarts (BSOD). And this time everything ran smoothly! Perfect, thank you very much!
  2. Can you also tell me how to disable hibernation?
  3. I restored the PC once by rolling its settings back to an earlier date. It worked perfectly for a while. Now I am constantly getting blue screens again and once more cannot put it into hibernation...
  4. No... Halfway through the "Resuming Windows" screen it hangs again and I cannot press F8. I had to delete the restoration data again to be able to boot.
  5. ComboFix 11-06-12.04 - Andreas Verheyde 13/06/2011 16:22:12.2.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.32.1043.18.1022.625 [GMT 2:00]
  6. ComboFix 11-06-12.04 - Andreas Verheyde 13/06/2011 12:45:28.1.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.32.1043.18.1022.497 [GMT 2:00]
2011\\vsserv.exe"= "c:\\Program Files\\EA GAMES\\The Battle for Middle-earth\\game.dat"= "c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"= "c:\\Program Files\\EA GAMES\\The Battle for Middle-earth\\patchget.dat"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "58823:TCP"= 58823:TCP:Pando Media Booster "58823:UDP"= 58823:UDP:Pando Media Booster "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009 . R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files\Hi-Rez Studios\HiPatchService.exe [30/09/2010 11:23 23680] R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [30/09/2005 12:52 2808704] S0 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?] S1 as6eio;as6eio;c:\windows\system32\drivers\as6eio.sys --> c:\windows\system32\drivers\as6eio.sys [?] S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys --> c:\windows\system32\Drivers\avgldx86.sys [?] S1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\Drivers\avgtdix.sys --> c:\windows\system32\Drivers\avgtdix.sys [?] S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [2/03/2006 14:00 14336] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18/03/2010 13:16 130384] S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [26/12/2010 17:32 136176] S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [28/08/2010 19:03 16512] S3 ATICDSDr;ATICDSDr;\??\c:\docume~1\ANDREA~1\LOCALS~1\Temp\{1735A~1\atiicdxx.sys --> c:\docume~1\ANDREA~1\LOCALS~1\Temp\{1735A~1\atiicdxx.sys [?] 
S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [26/12/2010 17:32 136176] S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [12/06/2011 23:26 39984] S3 SampleScanner;Ultima2000 Scanner;c:\windows\system32\drivers\GT680X.SYS [12/02/2010 20:18 18120] S3 WN5301;LIteon Wireless PCI Network Adapter Service;c:\windows\system32\drivers\wn5301.sys [5/10/2005 11:44 468768] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18/03/2010 13:16 753504] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] Akamai REG_MULTI_SZ Akamai . Inhoud van de 'Gedeelde Taken' map . 2011-03-08 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 09:50] . 2010-12-11 c:\windows\Tasks\expressburnShakeIcon.job - c:\program files\NCH Swift Sound\ExpressBurn\expressburn.exe [2010-12-08 14:49] . 2011-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-12-26 15:32] . 2011-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-12-26 15:32] . 2011-02-01 c:\windows\Tasks\photopadSevenDays.job - c:\program files\NCH Software\PhotoPad\photopad.exe [2011-02-01 19:31] . 2011-02-01 c:\windows\Tasks\photopadShakeIcon.job - c:\program files\NCH Software\PhotoPad\photopad.exe [2011-02-01 19:31] . 2011-02-01 c:\windows\Tasks\pixillionSevenDays.job - c:\program files\NCH Software\Pixillion\pixillion.exe [2011-02-01 19:31] . 2011-02-01 c:\windows\Tasks\pixillionShakeIcon.job - c:\program files\NCH Software\Pixillion\pixillion.exe [2011-02-01 19:31] . . ------- Bijkomende Scan ------- . 
uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 195.130.131.133 195.130.130.5 FF - ProfilePath - c:\documents and settings\Andreas Verheyde\Application Data\Mozilla\Firefox\Profiles\1h47k6ld.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/ FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=302398&p= . . ------- Bestandsassociaties ------- . .scr=DWGTrueViewScriptFile . - - - - ORPHANS VERWIJDERD - - - - . AddRemove-BSPlayerp - c:\program files\Webteh\BSplayerPro\uninstall.exe AddRemove-DoremiSoft AVI to MP3 Converter - c:\program files\DoremiSoft\DoremiSoft AVI to MP3 Converter\uninst.exe AddRemove-Flachbettscanner - c:\windows\IsUn0413.exe AddRemove-Free iPod Video Converter_is1 - c:\program files\Free iPod Video Converter\unins000.exe AddRemove-Logitech Touch Mouse Server - c:\program files\Logitech Touch Mouse Server\uninst.exe AddRemove-Macro Express 3 - c:\progra~1\MACROE~1\UNWISE.EXE AddRemove-StarCraft II - c:\program files\Common Files\Blizzard Entertainment\StarCraft II\Uninstall.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-06-13 13:06 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover Windows 5.1.2600 Disk: ST3300831AS rev.3.03 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 . device: opened successfully user: MBR read successfully error: Read Een apparaat dat op het systeem is aangesloten, werkt niet. 
kernel: MBR read successfully detected disk devices: detected hooks: \Driver\atapi DriverStartIo -> 0x866E831B user & kernel MBR OK . ************************************************************************** . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'explorer.exe'(3876) c:\windows\system32\msi.dll c:\windows\system32\webcheck.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Java\jre6\bin\jqs.exe c:\windows\system32\nvsvc32.exe c:\windows\system32\PnkBstrA.exe c:\program files\TVersity\Media Server\MediaServer.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\windows\system32\RUNDLL32.EXE c:\program files\iPod\bin\iPodService.exe . ************************************************************************** . Voltooingstijd: 2011-06-13 13:13:46 - machine werd herstart ComboFix-quarantined-files.txt 2011-06-13 11:13 . Pre-Run: 81.834.242.048 bytes beschikbaar Post-Run: 87.650.136.064 bytes beschikbaar . WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect . - - End Of File - - 06810ABA61233CE3C9B62825431B8E24
  7. Hmm, unfortunately yes. Booting does work when the PC is completely off. Just now I put it into sleep mode to test it and got even more problems. I had less time to press F8 to delete my restoration data. Once I did manage that, Explorer no longer started. I only got my desktop background with nothing on it. So I shut it down completely via Ctrl+Alt+Del. Then it did start up fully and correctly.
  8. Malwarebytes' Anti-Malware 1.51.0.1200

     Databaseversie: 6842
     Windows 5.1.2600 Service Pack 3
     Internet Explorer 6.0.2900.5512

     12/06/2011 23:51:38
     mbam-log-2011-06-12 (23-51-37).txt

     Scantype: Snelle scan
     Objecten gescand: 215408
     Verstreken tijd: 20 minuut/minuten, 21 seconde(n)

     Geheugenprocessen geïnfecteerd: 0
     Geheugenmodulen geïnfecteerd: 0
     Registersleutels geïnfecteerd: 0
     Registerwaarden geïnfecteerd: 0
     Registerdata geïnfecteerd: 0
     Mappen geïnfecteerd: 0
     Bestanden geïnfecteerd: 2

     Geheugenprocessen geïnfecteerd:
     (Geen kwaadaardige objecten gedetecteerd)

     Geheugenmodulen geïnfecteerd:
     (Geen kwaadaardige objecten gedetecteerd)

     Registersleutels geïnfecteerd:
     (Geen kwaadaardige objecten gedetecteerd)

     Registerwaarden geïnfecteerd:
     (Geen kwaadaardige objecten gedetecteerd)

     Registerdata geïnfecteerd:
     (Geen kwaadaardige objecten gedetecteerd)

     Mappen geïnfecteerd:
     (Geen kwaadaardige objecten gedetecteerd)

     Bestanden geïnfecteerd:
     c:\WINDOWS\Tasks\sunmicro java update.job (Malware.Trace) -> Quarantined and deleted successfully.
     c:\documents and settings\andreas verheyde\application data\data.dat (Stolen.Data) -> Quarantined and deleted successfully.
     Thanks for the quick reply!
  9. I have the same problem here, you see. During the "Windows is resuming" thing it freezes halfway. This is my HijackThis log: